- A validator forced a number of transactions into the block to steal value
- "Sandwich attacks" are where a transaction is reordered so MEV can be extracted
An Ethereum Mainnet validator attacked a major MEV (maximal extractable value) bot, leading to a loss by the network of almost $20 million, CoinDesk reported.
Ethereum MEV bots are automated software programs that are designed to extract as much value as possible from Ethereum transactions.
MEV refers to the total value that can be extracted from a given block, which includes not only transaction fees but also any other potential value that can be obtained through the ordering and execution of transactions.
How do MEV bots work?
MEV bots use various techniques to extract value from Ethereum transactions, including transaction reordering, frontrunning, and backrunning.
These bots constantly monitor the Ethereum network for potential opportunities to extract MEV, and they use sophisticated algorithms to analyze and exploit these opportunities as quickly and efficiently as possible.
MEV bots are controversial because they can sometimes be used to unfairly extract value from other users, such as by frontrunning their transactions or manipulating the order in which transactions are processed.
Transactions were forced into a single block
Frontrunning was exactly the issue at hand. According to blockchain auditor OtterSec, a validator apparently forced a number of transactions into the block to steal assets, which the bot would have otherwise front-run to gain.
Bots use “sandwich attacks” to steal value
“Sandwich attacks” are a type of attack where a transaction is reordered so MEV can be extracted from it. In a sandwich attack, the attacker places their own transaction before and after the victim’s transaction, effectively “sandwiching” the victim’s transaction in between their own.
This allows the attacker to potentially extract MEV by manipulating the order in which the transactions are processed by the blockchain.
By placing their transaction before the victim’s, the attacker may be able to see and front-run the victim’s transaction, potentially extracting value from it. By placing it after the victim’s, the attacker can extract value from the resulting changes caused by the victim’s transaction.
According to OtterSec, privacy protocol Aztec Network was used to fund the wallet that caused the attack over two weeks ago, indicating it was planned.
